Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

____ are likely in the event of a hacker attack, when the attacker retreats to a chat room and describes in specific detail to his or her associates the method and results of his or her latest conquest.

A continuously changing process presents challenges in acquisition, as there is not a fixed state that can be collected, hashed, and so forth. This has given rise to the concept of ____ forensics which captures a point-in-time picture of a process.

One of the primary responsibilities of the IRP team is to ensure that the ____ is prepared to respond to each incident it may face.

A(n) ____ is a detailed examination of the events that occurred, from first detection of an incident to final recovery.

____ is the process of systematically examining information assets for evidentiary material that can provide insight into how an incident transpired.

The Southeast Collegiate Cyber Defense Competition is unique in that it focuses on the operational aspect of managing and protecting an existing network infrastructure. Unlike “capture-the-flag ” exercises, this competition is exclusively a real-world ____ competition.

From the e-Activity, explain in your own words what you believe CP attempts to provide for an organization, and describe what you believe is the most important CP consideration for an organization. Provide a rationale for your answer.

Consider an organization in a specific industry (e.g., healthcare, financial, etc.), and discuss the potential shortcomings and repercussions if an organization in this sector neglected to participate in contingency planning efforts. Provide two real-world examples (successes and / or failures) to justify your answer.

Suppose you were recently hired for a new initiative as a business continuity lead / manager at a medium-sized healthcare company. You have been asked to prepare a presentation to the Board of Directors on your main duties for the company and how your position could help protect the business in case of a large-scale incident or disaster. You have been alerted that since this is a new initiative and could come with a potentially large price tag, there is skepticism from some of the Board members.

Read the article titled “When Stuxnet Hit the Homeland: Government Response to the Rescue,” from ABC News, located at http://abcnews.go.com/blogs/headlines/2012/06/when-stuxnet-hit-the-homeland-government-response-to-the-rescue/ and consider this threat in terms of incident response and recovery procedures.

Imagine you have just taken over the manager position for your organization’s incident response team, after coming from another division in the company. Your first realization is that proper procedures, best practices, and sound technologies are not being utilized. You decide to revamp the team’s efforts.

Suppose that you have been alerted of a potential incident involving a suspected worm spreading via buffer overflow techniques, compromising Microsoft IIS Web servers. As the IR Team leader, it is your responsibility to determine the next steps.

Read the article titled “9/11: Top lessons learned for disaster recovery,” from Computerworld.com, located athttp://www.computerworld.com/s/article/9219867/9_11_Top_lessons_learned_for_disaster_recovery, and consider the effects the attacks of September 11, 2001, have had on technology recovery efforts.

Consider a scenario where the contingency planning management team (CPMT) of your organization has designated you as the disaster recovery team leader, and the preparation and planning of this component of the security program is now under your purview with a team of 11 employees including yourself.

Create a hypothetical organization with details including geographic location(s), number of employees in each location, primary business functions, operational and technology details, potential threats to the business and its technology, and anything else that you believe is relevant to the business.